设为首页收藏本站
B. Malaysia手机版

佳礼资讯网

 找回密码
 注册

ADVERTISEMENT

佳礼资讯网»我有话说 电脑手机 电脑,手提 [间谍:求助] HijackThis
返回列表 发新帖
查看: 570|回复: 0

[间谍:求助] HijackThis

[复制链接]
bbqyong
发表于 20-6-2004 01:00 AM | 显示全部楼层 |阅读模式
[间谍:求助] 麻烦各位大大..可以帮我看看我有没有被Hijack...
帮个忙..谢谢了...

  1. Logfile of HijackThis v1.97.7
  2. Scan saved at 2:00:39, on 2004-6-20
  3. Platform: Windows XP SP1 (WinNT 5.01.2600)
  4. MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

  6. Running processes:
  7. D:\WINDOWS\System32\smss.exe
  8. D:\WINDOWS\system32\winlogon.exe
  9. D:\WINDOWS\system32\services.exe
  10. D:\WINDOWS\system32\lsass.exe
  11. D:\WINDOWS\system32\svchost.exe
  12. D:\WINDOWS\System32\svchost.exe
  13. D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
  14. D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
  15. D:\WINDOWS\Explorer.EXE
  16. D:\WINDOWS\system32\spoolsv.exe
  17. D:\WINDOWS\Mixer.exe
  18. D:\Program Files\Common Files\Real\Update_OB\realsched.exe
  19. D:\WINDOWS\System32\Rundll32.exe
  20. D:\Program Files\Winamp\winampa.exe
  21. D:\Program Files\Common Files\Symantec Shared\ccApp.exe
  22. D:\Program Files\ISTsvc\istsvc.exe
  23. D:\Program Files\Internet Optimizer\optimize.exe
  24. D:\WINDOWS\System32\esmzroc.exe
  25. D:\WINDOWS\System32\ctfmon.exe
  26. D:\DOCUME~1\WEDD8~1.CHO\LOCALS~1\Temp\Rar$EX00.604\SuperRam.exe
  27. D:\Program Files\Skype\Phone\Skype.exe
  28. D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
  29. D:\Program Files\Norton AntiVirus\navapsvc.exe
  30. D:\WINDOWS\System32\nvsvc32.exe
  31. D:\WINDOWS\system32\srvany.exe
  32. D:\WINDOWS\system32\resetservice.exe
  33. D:\Program Files\Norton AntiVirus\SAVScan.exe
  34. D:\WINDOWS\System32\svchost.exe
  35. D:\WINDOWS\System32\Tablet.exe
  36. D:\Program Files\MSN Messenger\msnmsgr.exe
  37. D:\PROGRA~1\ICQ\ICQ.exe
  38. D:\Program Files\Internet Explorer\iexplore.exe
  39. D:\DOCUME~1\WEDD8~1.CHO\LOCALS~1\Temp\msbb.exe
  40. D:\Program Files\WindowsSA\omniscient.exe
  41. D:\Program Files\Real\RealOne Player\RealPlay.exe
  42. D:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
  43. D:\WINDOWS\Integrator.exe
  44. D:\PROGRA~1\NORTON~1\navw32.exe
  45. D:\Program Files\Xi\NetTransport 2\NetTransport.exe
  46. D:\Documents and Settings\w.choong\桌面\HijackThis.exe

  48. R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
  49. O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - D:\WINDOWS\twaintec.dll
  50. O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  51. O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
  52. O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - D:\WINDOWS\2_0_1browserhelper2.dll
  53. O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - D:\WINDOWS\Downloaded Program Files\bridge.dll
  54. O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
  55. O2 - BHO: (no name) - {B3ECCAC9-C7FA-462C-894B-8E9930A70E14} - D:\PROGRA~1\KuGoo\IEHELP~2.DLL
  56. O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
  57. O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
  58. O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - D:\WINDOWS\nem218.dll
  59. O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
  60. O3 - Toolbar: ????? - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.1601.0\zh-cn\msntb.dll (file missing)
  61. O3 - Toolbar: ????? - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
  62. O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
  63. O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
  64. O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
  65. O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
  66. O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
  67. O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
  68. O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
  69. O4 - HKLM\..\Run: [MessengerPlus2] "D:\Program Files\Messenger Plus! 2\MsgPlus.exe"
  70. O4 - HKLM\..\Run: [winactive] D:\Program Files\Window Active\winactive.exe
  71. O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
  72. O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
  73. O4 - HKLM\..\Run: [IMSCMig] D:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
  74. O4 - HKLM\..\Run: [Mirabilis ICQ] D:\PROGRA~1\ICQ\ICQNet.exe
  75. O4 - HKLM\..\Run: [AxFilter] Rundll32.exe D:\WINDOWS\downlo~1\AxFilter.dll,Rundll32
  76. O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
  77. O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
  78. O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
  79. O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
  80. O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  81. O4 - HKLM\..\Run: [IST Service] D:\Program Files\ISTsvc\istsvc.exe
  82. O4 - HKLM\..\Run: [Internet Optimizer] "D:\Program Files\Internet Optimizer\optimize.exe"
  83. O4 - HKLM\..\Run: [msbb] d:\docume~1\wedd8~1.cho\locals~1\temp\msbb.exe
  84. O4 - HKLM\..\Run: [pwj] D:\WINDOWS\pwj.exe
  85. O4 - HKLM\..\Run: [vngdxerdh] D:\WINDOWS\System32\esmzroc.exe
  86. O4 - HKLM\..\Run: [unwz] D:\WINDOWS\unwz.exe
  87. O4 - HKLM\..\Run: [alchem] D:\WINDOWS\alchem.exe
  88. O4 - HKLM\..\Run: [RunDLL] rundll32.exe "D:\WINDOWS\Downloaded Program Files\bridge.dll",Load
  89. O4 - HKLM\..\Run: [gdgfsfet] D:\WINDOWS\gdgfsfet.exe
  90. O4 - HKLM\..\Run: [pehsb] D:\WINDOWS\pehsb.exe
  91. O4 - HKLM\..\Run: [upcz] D:\WINDOWS\upcz.exe
  92. O4 - HKLM\..\Run: [vepob] D:\WINDOWS\vepob.exe
  93. O4 - HKLM\..\Run: [nktsn] D:\WINDOWS\nktsn.exe
  94. O4 - HKLM\..\Run: [Windows SA] D:\Program Files\WindowsSA\omniscient.exe
  95. O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe
  96. O4 - HKCU\..\Run: [SuperRam] "D:\DOCUME~1\WEDD8~1.CHO\LOCALS~1\Temp\Rar$EX00.604\SuperRam.exe"
  97. O4 - HKCU\..\Run: [Update Service] D:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
  98. O4 - HKCU\..\Run: [PcBoost] "D:\DOCUME~1\WEDD8~1.CHO\LOCALS~1\Temp\Rar$EX01.141\PcBoost.exe"
  99. O4 - HKCU\..\Run: [RamCleaner] D:\Program Files\RamCleaner\RamCleaner.exe
  100. O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
  101. O4 - Startup: NTUSER.DAT
  102. O4 - Startup: ntuser.dat.LOG
  103. O4 - Startup: ntuser.ini
  104. O4 - Startup: PocoServerConfig.ini
  105. O8 - Extra context menu item: Yahoo! Dictionary - file:///D:\Program Files\Yahoo!\Common/ycdict.htm
  106. O8 - Extra context menu item: Yahoo! Search - file:///D:\Program Files\Yahoo!\Common/ycsrch.htm
  107. O8 - Extra context menu item: 使用影音传送带下载 - D:\Program Files\Xi\NetTransport 2\NTAddLink.html
  108. O8 - Extra context menu item: 使用影音传送带下载全部链接 - D:\Program Files\Xi\NetTransport 2\NTAddList.html
  109. O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
  110. O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
  111. O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  112. O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  113. O9 - Extra button: Pop-Up Blocker (HKLM)
  114. O9 - Extra 'Tools' menuitem: Pop-Up Blocker (HKLM)
  115. O9 - Extra button: Related (HKLM)
  116. O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
  117. O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
  118. O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_cracks.cab
  119. O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab27571.cab
  120. O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
  121. O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
  122. O16 - DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} (FMClass Class) - http://www.myplay.com.tw/service/fmplayerKland.cab
  123. O16 - DPF: {7BA7BCE2-D359-4407-82D9-CDF9A74C487A} (DownLoadStub Class) - http://home2.photoisland.com.cn/downloads/DownloadPhotos.cab
  124. O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
  125. O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/2000XP/ClickYesToContinue/bridge-c14.cab
  126. O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38109.143587963
  127. O16 - DPF: {CD5DB70E-9969-45A5-9E45-5BAC1B2154F8} (ERADMStart.StartControl) - http://www.im.tv/bbstart.ocx
  128. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  129. O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
  130. O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
  131. O17 - HKLM\System\CCS\Services\Tcpip\..\{A9B91E5A-3454-4AC7-89A0-19F5BADF17F3}: NameServer = 210.147.240.193 202.225.94.247
复制代码
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

 

所属分类: 电脑手机


ADVERTISEMENT


本周最热论坛帖子本周最热论坛帖子

ADVERTISEMENT


佳礼网 面子书


ADVERTISEMENT

ADVERTISEMENT


版权所有 © 1996-2023 Cari Internet Sdn Bhd (483575-W)|IPSERVERONE 提供云主机|广告刊登|关于我们|私隐权|免控|投诉|联络|脸书|佳礼资讯网

GMT+8, 10-1-2025 07:25 PM , Processed in 0.142570 second(s), 25 queries , Gzip On.

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表